Sr Director, Cyber Defense

Department Overview

The Senior Director of Global Cyber Defense reports to the Vice President, Global Security Services and serves as the enterprise leader responsible for detecting, responding to, and mitigating threats to the McDonald’s system. This role oversees the Global Security Operations Center (GSOC), Incident Response, Threat Intelligence, Insider Threat, Offensive Security (Penetration Testing), and Detection Engineering functions, ensuring a unified and adaptive defense capability across the global enterprise.

Acting as both an executive leader and operational strategist, the Senior Director will build and mature the global Cyber Defense organization as a managed service provider (MSP) to the markets in which McDonald’s operates in, licensees, and affiliates, providing core detection and response services across entities of varying maturity and operational control.

This is among the most critical leadership roles within Global Cyber Security, directly responsible for protecting the McDonald’s brand, leading enterprise crisis response, and maintaining confidence among senior leadership, markets, and franchisees worldwide.

Duties

Strategic Leadership

• Define and execute the global Cyber Defense strategy, ensuring alignment with enterprise risk management, brand protection, and the Accelerating the Arches vision.
• Partner closely with the CISO, Global Technology leadership, and regional CIOs to deliver unified detection, response, and threat-hunting capabilities across corporate, market, and restaurant environments.
• Establish measurable performance outcomes and global service metrics that ensure consistent quality, responsiveness, and transparency across all global markets.
• Represent Cyber Defense during major incidents, executive briefings, and board-level discussions, serving as a key enterprise spokesperson during cybersecurity events and crisis management activities.

Operational Excellence

• Oversee the Global Security Operations Center (GSOC) to ensure 24x7 detection, response, and containment of threats across global networks, cloud environments, and restaurant technologies.
• Lead enterprise-wide incident response, forensics, and post-incident review processes, ensuring rapid mitigation and continuous improvement.
• Manage global threat intelligence programs to identify, assess, and prioritize emerging risks relevant to McDonald’s operations, supply chain, and digital ecosystem.
• Direct the insider threat program, balancing risk detection with privacy and compliance considerations.
• Lead the Offensive Security and Red Team functions responsible for testing McDonald’s global technology and application ecosystem, validating resilience across platforms that power restaurant, customer, and market operations.
• Oversee the development and tuning of global detection and response content, automation, and telemetry pipelines across endpoint, network, and cloud environments.

Global Service Delivery (MSP Model)

• Build and scale Cyber Defense as a shared service to McDonald’s global markets, owner-operators, and affiliates of varying maturity.
• Establish frameworks for onboarding, service levels, and operational playbooks that ensure consistency and flexibility across different market models.
• Collaborate with regional technology teams to integrate detection, response, and intelligence capabilities while respecting sovereignty and local regulatory requirements.
• Partner with Enterprise Architecture, Identity, and Endpoint teams to ensure a cohesive “defense-in-depth” architecture supporting both corporate and restaurant systems.

Qualifications

• 12+ years of experience in cybersecurity operations, incident response, or threat management, with at least 5 years in senior leadership capacity.
• Demonstrated experience leading large-scale global security operations or cyber defense functions within complex, federated enterprises or franchise models.
• Proven success in building and operating global 24x7 detection and response programs, including SOC, IR, and threat intelligence functions.
• Strong understanding of cloud, endpoint, and network detection engineering, red-teaming, and automation frameworks.
• Executive presence and experience communicating with senior leadership, boards, and non-technical audiences during high-pressure situations.
• Demonstrated ability to deliver managed security services or shared security functions across diverse global markets or affiliates.
• Excellent collaboration, communication, and stakeholder management skills across technical and business domains.

Preferred Qualifications

• 15+ years of experience in cybersecurity operations or equivalent domains.
• Advanced degree in Computer Science, Cybersecurity, or related technical discipline.
• Certifications such as CISSP, GIAC (GCIH, GRID, GCFA), or CISM.
• Experience leading global incident response for large-scale enterprises or critical infrastructure organizations.
• Familiarity with regulatory and compliance frameworks including SOX, PCI, GDPR, and NIST.

Cultural & Leadership Attributes

• Calm, decisive, and credible during times of crisis, with the ability to lead through ambiguity and pressure.
• Operates as a trusted partner and service provider to global markets, demonstrating empathy, accountability, and adaptability.
• Relentless focus on protecting the brand, upholding operational integrity, and advancing a proactive defense posture.
• Balances strategic foresight with operational precision, ensuring the team can execute flawlessly while planning for the future.

Compensation

Bonus Eligible: Yes

Long - Term Incentive: Yes

Benefits Eligible: Yes

Salary Range

The expected salary range for this role is $222k-$289k per year
 
The above represents the expected salary range for this job requisition. Ultimately, in determining your pay, we may also consider your experience, and other job-related factors.

Competencies